switnet
/
quick-jibri-installer
2
1
Fork 1
Code Issues 2 Pull Requests 1 Packages Projects Releases 13 Wiki Activity

fix and minimize required db permissions

This commit is contained in:
Luis Guzmán 2025-01-21 17:27:32 -06:00
parent 919f52e9d0
commit 7a93ca1905
2 changed files with 6 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
etherpad-docker.sh
View File

@ -88,12 +88,7 @@ sudo -u postgres psql <<DB
CREATE DATABASE ${ETHERPAD_DB_NAME}; CREATE DATABASE ${ETHERPAD_DB_NAME};
CREATE USER ${ETHERPAD_DB_USER} WITH ENCRYPTED PASSWORD '${ETHERPAD_DB_PASS}'; CREATE USER ${ETHERPAD_DB_USER} WITH ENCRYPTED PASSWORD '${ETHERPAD_DB_PASS}';
GRANT ALL PRIVILEGES ON DATABASE ${ETHERPAD_DB_NAME} TO ${ETHERPAD_DB_USER}; GRANT ALL PRIVILEGES ON DATABASE ${ETHERPAD_DB_NAME} TO ${ETHERPAD_DB_USER};
\c ${ETHERPAD_DB_NAME} GRANT CREATE, USAGE ON SCHEMA public TO ${ETHERPAD_DB_USER};
ALTER SCHEMA public OWNER TO ${ETHERPAD_DB_USER};
GRANT USAGE ON SCHEMA public TO ${ETHERPAD_DB_USER};
GRANT ALL PRIVILEGES ON ALL TABLES IN SCHEMA public TO ${ETHERPAD_DB_USER};
GRANT ALL PRIVILEGES ON ALL SEQUENCES IN SCHEMA public TO ${ETHERPAD_DB_USER};
ALTER DEFAULT PRIVILEGES IN SCHEMA public GRANT ALL ON TABLES TO ${ETHERPAD_DB_USER};
DB DB
# Check fot docker if not running then execute # Check fot docker if not running then execute
@ -122,14 +117,17 @@ fi
if [ "$(grep -c etherpad "$WS_CONF")" != 0 ]; then if [ "$(grep -c etherpad "$WS_CONF")" != 0 ]; then
echo "> Webserver seems configured, skipping..." echo "> Webserver seems configured, skipping..."
elif [ -f "$WS_CONF" ]; then elif [ -f "$WS_CONF" ]; then
echo "> Setting up webserver configuration file..."
if ! grep -q 'map $http_upgrade $connection_upgrade' "$WS_CONF"; then if ! grep -q 'map $http_upgrade $connection_upgrade' "$WS_CONF"; then
echo " > Setting mapping upgrade connection."
sed -i "/$WS_MATCH2/i # This is required to proxy Grafana Live WebSocket connections or Etherpad" "$WS_CONF" sed -i "/$WS_MATCH2/i # This is required to proxy Grafana Live WebSocket connections or Etherpad" "$WS_CONF"
sed -i "/$WS_MATCH2/i map \$http_upgrade \$connection_upgrade {" "$WS_CONF" sed -i "/$WS_MATCH2/i map \$http_upgrade \$connection_upgrade {" "$WS_CONF"
sed -i "/$WS_MATCH2/i \ \ default upgrade;" "$WS_CONF" sed -i "/$WS_MATCH2/i \ \ default upgrade;" "$WS_CONF"
sed -i "/$WS_MATCH2/i \ \ '' close;" "$WS_CONF" sed -i "/$WS_MATCH2/i \ \ '' close;" "$WS_CONF"
sed -i "/$WS_MATCH2/i }" "$WS_CONF" sed -i "/$WS_MATCH2/i }" "$WS_CONF"
else
echo " > Upgrade connection mapping already setup."
fi fi
echo "> Setting up webserver configuration file..."
sed -i "/$WS_CONF_MATCH1/i \ \ \ \ #Etherpad block" "$WS_CONF" sed -i "/$WS_CONF_MATCH1/i \ \ \ \ #Etherpad block" "$WS_CONF"
sed -i "/$WS_CONF_MATCH1/i \ \ \ \ location \^\~\ \/etherpad\/ {" "$WS_CONF" sed -i "/$WS_CONF_MATCH1/i \ \ \ \ location \^\~\ \/etherpad\/ {" "$WS_CONF"
sed -i "/$WS_CONF_MATCH1/i \ \ \ \ \ \ \ \ proxy_http_version 1.1;" "$WS_CONF" sed -i "/$WS_CONF_MATCH1/i \ \ \ \ \ \ \ \ proxy_http_version 1.1;" "$WS_CONF"

1
jra_nextcloud.sh
View File

@ -196,6 +196,7 @@ sudo -u postgres psql <<DB
CREATE DATABASE nextcloud_db; CREATE DATABASE nextcloud_db;
CREATE USER ${NC_DB_USER} WITH ENCRYPTED PASSWORD '${NC_DB_PASSWD}'; CREATE USER ${NC_DB_USER} WITH ENCRYPTED PASSWORD '${NC_DB_PASSWD}';
GRANT ALL PRIVILEGES ON DATABASE ${NC_DB} TO ${NC_DB_USER}; GRANT ALL PRIVILEGES ON DATABASE ${NC_DB} TO ${NC_DB_USER};
GRANT CREATE, USAGE ON SCHEMA public TO ${NC_DB_USER};
DB DB
echo -e "\nDone!\n" echo -e "\nDone!\n"